Restrict ability to create pipelines

#1

Our team would like the ability to restrict creation and editing of pipelines. If someone’s Buildkite account gets compromised, an attacker would have the ability to create new pipelines or edit existing pipelines to run unapproved code within the context of our codebase.

How do others deal with this issue?

0 Likes

#2

We’re adding this soon for Enterprise accounts!

Out of interest, how are you protecting against compromised accounts for your source control?

0 Likes

#3

Our source control service allows us to require 2FA for users in our organization, so we have at least a little bit more protection there.

0 Likes